/*
 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
 * ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 *
 */

package java.lang;

import java.security.*;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;

/**
 * 此类用于运行时权限。RuntimePermission
 * 包含一个名称（也称为"目标名称"），但
 * 没有操作列表；您要么拥有指定的权限，
 * 要么没有。
 *
 * <P>
 * 目标名称是运行时权限的名称（见下文）。
 * 命名约定遵循分层属性命名约定。
 * 此外，星号可能出现在名称末尾，跟在"."后面，或单独出现，
 * 以表示通配符匹配。例如："loadLibrary.*"和"*"表示
 * 通配符匹配，而"*loadLibrary"和"a*b"则不是。
 * <P>
 * 下表列出了所有可能的RuntimePermission目标名称，
 * 并为每个名称提供了权限允许的操作描述
 * 以及授予代码该权限的风险讨论。
 *
 * <table border=1 cellpadding=5 summary="权限目标名称，
 *  目标允许的操作，以及相关风险">
 * <tr>
 * <th>权限目标名称</th>
 * <th>权限允许的操作</th>
 * <th>允许此权限的风险</th>
 * </tr>
 *
 * <tr>
 *   <td>createClassLoader</td>
 *   <td>创建类加载器</td>
 *   <td>这是一个极其危险的权限。
 * 能够实例化自己的类加载器的恶意应用程序
 * 可以将自己的恶意类加载到系统中。
 * 这些新加载的类可以被类加载器放置到任何保护域中，
 * 从而自动授予这些类该域的权限。</td>
 * </tr>
 *
 * <tr>
 *   <td>getClassLoader</td>
 *   <td>检索类加载器（例如，调用类的类加载器）</td>
 *   <td>这将授予攻击者获取特定类的类加载器的权限。
 * 这很危险，因为访问类的类加载器允许攻击者
 * 加载该类加载器可用的其他类。
 * 攻击者通常无法访问这些类。</td>
 * </tr>
 *
 * <tr>
 *   <td>setContextClassLoader</td>
 *   <td>设置线程使用的上下文类加载器</td>
 *   <td>当系统代码和扩展需要查找可能不存在于系统类加载器中的资源时，
 * 会使用上下文类加载器。授予setContextClassLoader权限将允许
 * 代码更改特定线程（包括系统线程）使用的上下文类加载器。</td>
 * </tr>
 *
 * <tr>
 *   <td>enableContextClassLoaderOverride</td>
 *   <td>线程上下文类加载器方法的子类实现</td>
 *   <td>当系统代码和扩展需要查找可能不存在于系统类加载器中的资源时，
 * 会使用上下文类加载器。授予enableContextClassLoaderOverride权限将允许
 * Thread的子类重写用于获取或设置特定线程的上下文类加载器的方法。</td>
 * </tr>
 *
 * <tr>
 *   <td>closeClassLoader</td>
 *   <td>关闭ClassLoader</td>
 *   <td>授予此权限允许代码关闭它引用的任何URLClassLoader。</td>
 * </tr>
 *
 * <tr>
 *   <td>setSecurityManager</td>
 *   <td>设置安全管理器（可能替换现有的）
 * </td>
 *   <td>安全管理器是允许应用程序实现安全策略的类。
 * 授予setSecurityManager权限将允许代码通过安装不同的、
 * 可能限制较少的安全管理器来更改使用的安全管理器，
 * 从而绕过原始安全管理器强制执行的检查。</td>
 * </tr>
 *
 * <tr>
 *   <td>createSecurityManager</td>
 *   <td>创建新的安全管理器</td>
 *   <td>这使代码能够访问受保护的敏感方法，
 * 这些方法可能泄露有关其他类或执行堆栈的信息。</td>
 * </tr>
 *
 * <tr>
 *   <td>getenv.{variable name}</td>
 *   <td>读取指定环境变量的值</td>
 *   <td>这将允许代码读取特定环境变量的值或确定其存在性。
 *       如果变量包含机密数据，这是危险的。</td>
 * </tr>
 *
 * <tr>
 *   <td>exitVM.{exit status}</td>
 *   <td>使用指定退出状态停止Java虚拟机</td>
 *   <td>这允许攻击者通过自动强制虚拟机停止来发起拒绝服务攻击。
 * 注意："exitVM.*"权限自动授予从应用程序类路径加载的所有代码，
 * 从而使应用程序能够终止自己。此外，"exitVM"权限等同于"exitVM.*"。</td>
 * </tr>
 *
 * <tr>
 *   <td>shutdownHooks</td>
 *   <td>注册和取消虚拟机关闭钩子</td>
 *   <td>这允许攻击者注册恶意关闭钩子，
 * 干扰虚拟机的正常关闭。</td>
 * </tr>
 *
 * <tr>
 *   <td>setFactory</td>
 *   <td>设置ServerSocket或Socket使用的套接字工厂，
 * 或URL使用的流处理程序工厂</td>
 *   <td>这允许代码为套接字、服务器套接字、流处理程序或RMI套接字工厂
 * 设置实际实现。攻击者可能设置有缺陷的实现来破坏数据流。</td>
 * </tr>
 *
 * <tr>
 *   <td>setIO</td>
 *   <td>设置System.out、System.in和System.err</td>
 *   <td>这允许更改标准系统流的值。
 * 攻击者可能更改System.in来监控和窃取用户输入，
 * 或将System.err设置为"null" OutputStream，
 * 这将隐藏发送到System.err的任何错误消息。</td>
 * </tr>
 *
 * <tr>
 *   <td>modifyThread</td>
 *   <td>修改线程，例如通过调用Thread的
 * <tt>interrupt</tt>、<tt>stop</tt>、<tt>suspend</tt>、
 * <tt>resume</tt>、<tt>setDaemon</tt>、<tt>setPriority</tt>、
 * <tt>setName</tt>和<tt>setUncaughtExceptionHandler</tt>
 * 方法</td>
 * <td>这允许攻击者修改系统中任何线程的行为。</td>
 * </tr>
 *
 * <tr>
 *   <td>stopThread</td>
 *   <td>通过调用Thread的<code>stop</code>方法停止线程</td>
 *   <td>这允许代码停止系统中的任何线程，前提是它已被授予访问该线程的权限。
 * 这构成威胁，因为该代码可能通过杀死现有线程来破坏系统。</td>
 * </tr>
 *
 * <tr>
 *   <td>modifyThreadGroup</td>
 *   <td>修改线程组，例如通过调用ThreadGroup的
 * <code>destroy</code>、<code>getParent</code>、<code>resume</code>、
 * <code>setDaemon</code>、<code>setMaxPriority</code>、<code>stop</code>
 * 和<code>suspend</code>方法</td>
 *   <td>这允许攻击者创建线程组并设置其运行优先级。</td>
 * </tr>
 *
 * <tr>
 *   <td>getProtectionDomain</td>
 *   <td>检索类的ProtectionDomain</td>
 *   <td>这允许代码获取特定代码源的策略信息。
 * 虽然获取策略信息不会危及系统安全，但它确实为攻击者
 * 提供了额外信息（例如本地文件名），以便更好地瞄准攻击。</td>
 * </tr>
 *
 * <tr>
 *   <td>getFileSystemAttributes</td>
 *   <td>Retrieval of file system attributes</td>
 *   <td>This allows code to obtain file system information such as disk usage
 *       or disk space available to the caller.  This is potentially dangerous
 *       because it discloses information about the system hardware
 *       configuration and some information about the caller's privilege to
 *       write files.</td>
 * </tr>
 *
 * <tr>
 *   <td>readFileDescriptor</td>
 *   <td>Reading of file descriptors</td>
 *   <td>This would allow code to read the particular file associated
 *       with the file descriptor read. This is dangerous if the file
 *       contains confidential data.</td>
 * </tr>
 *
 * <tr>
 *   <td>writeFileDescriptor</td>
 *   <td>Writing to file descriptors</td>
 *   <td>This allows code to write to a particular file associated
 *       with the descriptor. This is dangerous because it may allow
 *       malicious code to plant viruses or at the very least, fill up
 *       your entire disk.</td>
 * </tr>
 *
 * <tr>
 *   <td>loadLibrary.{library name}</td>
 *   <td>Dynamic linking of the specified library</td>
 *   <td>It is dangerous to allow an applet permission to load native code
 * libraries, because the Java security architecture is not designed to and
 * does not prevent malicious behavior at the level of native code.</td>
 * </tr>
 *
 * <tr>
 *   <td>accessClassInPackage.{package name}</td>
 *   <td>Access to the specified package via a class loader's
 * <code>loadClass</code> method when that class loader calls
 * the SecurityManager <code>checkPackageAccess</code> method</td>
 *   <td>This gives code access to classes in packages
 * to which it normally does not have access. Malicious code
 * may use these classes to help in its attempt to compromise
 * security in the system.</td>
 * </tr>
 *
 * <tr>
 *   <td>defineClassInPackage.{package name}</td>
 *   <td>Definition of classes in the specified package, via a class
 * loader's <code>defineClass</code> method when that class loader calls
 * the SecurityManager <code>checkPackageDefinition</code> method.</td>
 *   <td>This grants code permission to define a class
 * in a particular package. This is dangerous because malicious
 * code with this permission may define rogue classes in
 * trusted packages like <code>java.security</code> or <code>java.lang</code>,
 * for example.</td>
 * </tr>
 *
 * <tr>
 *   <td>accessDeclaredMembers</td>
 *   <td>Access to the declared members of a class</td>
 *   <td>This grants code permission to query a class for its public,
 * protected, default (package) access, and private fields and/or
 * methods. Although the code would have
 * access to the private and protected field and method names, it would not
 * have access to the private/protected field data and would not be able
 * to invoke any private methods. Nevertheless, malicious code
 * may use this information to better aim an attack.
 * Additionally, it may invoke any public methods and/or access public fields
 * in the class.  This could be dangerous if
 * the code would normally not be able to invoke those methods and/or
 * access the fields  because
 * it can't cast the object to the class/interface with those methods
 * and fields.
</td>
 * </tr>
 * <tr>
 *   <td>queuePrintJob</td>
 *   <td>Initiation of a print job request</td>
 *   <td>This could print sensitive information to a printer,
 * or simply waste paper.</td>
 * </tr>
 *
 * <tr>
 *   <td>getStackTrace</td>
 *   <td>Retrieval of the stack trace information of another thread.</td>
 *   <td>This allows retrieval of the stack trace information of
 * another thread.  This might allow malicious code to monitor the
 * execution of threads and discover vulnerabilities in applications.</td>
 * </tr>
 *
 * <tr>
 *   <td>setDefaultUncaughtExceptionHandler</td>
 *   <td>Setting the default handler to be used when a thread
 *   terminates abruptly due to an uncaught exception</td>
 *   <td>This allows an attacker to register a malicious
 *   uncaught exception handler that could interfere with termination
 *   of a thread</td>
 * </tr>
 *
 * <tr>
 *   <td>preferences</td>
 *   <td>Represents the permission required to get access to the
 *   java.util.prefs.Preferences implementations user or system root
 *   which in turn allows retrieval or update operations within the
 *   Preferences persistent backing store.) </td>
 *   <td>This permission allows the user to read from or write to the
 *   preferences backing store if the user running the code has
 *   sufficient OS privileges to read/write to that backing store.
 *   The actual backing store may reside within a traditional filesystem
 *   directory or within a registry depending on the platform OS</td>
 * </tr>
 *
 * <tr>
 *   <td>usePolicy</td>
 *   <td>Granting this permission disables the Java Plug-In's default
 *   security prompting behavior.</td>
 *   <td>For more information, refer to Java Plug-In's guides, <a href=
 *   "../../../technotes/guides/plugin/developer_guide/security.html">
 *   Applet Security Basics</a> and <a href=
 *   "../../../technotes/guides/plugin/developer_guide/rsa_how.html#use">
 *   usePolicy Permission</a>.</td>
 * </tr>
 * </table>
 *
 * @see java.security.BasicPermission
 * @see java.security.Permission
 * @see java.security.Permissions
 * @see java.security.PermissionCollection
 * @see java.lang.SecurityManager
 *
 *
 * @author Marianne Mueller
 * @author Roland Schemers
 */

public final class RuntimePermission extends BasicPermission {

    private static final long serialVersionUID = 7399184964622342223L;

    /**
     * 创建具有指定名称的新RuntimePermission。
     * 名称是RuntimePermission的符号名称，例如
     * "exit"、"setFactory"等。星号可能出现在名称末尾，
     * 跟在"."后面，或单独出现，以表示通配符匹配。
     *
     * @param name RuntimePermission的名称。
     *
     * @throws NullPointerException 如果<code>name</code>为<code>null</code>。
     * @throws IllegalArgumentException 如果<code>name</code>为空。
     */

    public RuntimePermission(String name)
    {
        super(name);
    }

    /**
     * 创建具有指定名称的新RuntimePermission对象。
     * 名称是RuntimePermission的符号名称，
     * actions字符串当前未使用，应为null。
     *
     * @param name RuntimePermission的名称。
     * @param actions 应为null。
     *
     * @throws NullPointerException 如果<code>name</code>为<code>null</code>。
     * @throws IllegalArgumentException 如果<code>name</code>为空。
     */

    public RuntimePermission(String name, String actions)
    {
        super(name, actions);
    }
}
